hsm

How to interface with PKCS #11 compliant HSM device in .Net?

I am supposed to write a client application in C# that communicates with Thales WebSentry and I need a few hints at how to start. Device comes with Java SDK but I need to do my programming in .NET. Are there any libraries in .NET that I can use, or will I have to do it all low-level (directly to socket). Any hints or pointers on how and...

SSL with private key on an HSM

I have a client-server architecture in my application that uses SSL. Currently, the private key is stored in CAPI's key store location. For security reasons, I'd like to store the key in a safer place, ideally a hardware signing module (HSM) that is built for this purpose. Unfortunately, with the private key stored on such a device, I...

Software security Module/ toolkit replacing HSM for developing crypto functions

Hello I worked and completed a PKI project which used a HSM for generating - storing keys and performing crypto functions. I used PKCS#11 to interface with our application for sigining/verifying and encryption/decryption. Our platform is windows. Now we are looking to offer a low cost alternative solution by replacing the the HSM with ...

Best Practice for Transitioning From Nested State to Nested State (see diagram)

I am trying to wrap my mind around the best way to implement nested state transitions in a single threaded programming language (Actionscript). Say I have a structure like this behavior tree: Now imagine that each leaf node is a destination point on a website, like an image in a gallery, or a comment nested in a post view nested in a ...

HSM - cryptoki - opening sessions overhead

I am having a query regarding sessions with HSM. I am aware that there is an overhead if you initialise and finalise the cryptoki api for every file you want to encrypt/decrypt. My queries are, Is there an overhead in opening and closing individual sessions for every file, you want to encrypt/decrypt.(C_Initialize/C_Finalize) How ma...

HSM - cryptoki - Sessions - Timeout

My application access the HSM via a ASP.NET web service through PKCS#11. I initialise the cryptoki library and obtain a session handle. Web-service hold on to this handle to perform encryption/decryption/signing/verifying in a batch mode. The problem i am facing is The ASP.NET web service time-outs' after 20 minutes. This act- i think, ...

pkcs#11 memory error - what might be the common reasons?

I am getting the CKR_DEVICE_MEMORY error code for C_Encrypt call using cryptoki library. From the PKCS#11 spec, CKR_DEVICE_MEMORY means The token doesnot have sufficient memory to perform the requested function. Under what circumstances, do we get the token's memory completely full? The HSM has been working 24x7 for 7 days continuous...

How to interface with PKCS#11 compliant HSM device in PHP

How can I use key material from a PKCS#11 compliant HSM (for example a SafeNet iKey 2032 [USB] or a Aladdin eToken PRO [USB]) in PHP application running on a Linux server? ...

Implementing Hierarchical State Machines in C

I'm a bit confused about how to implement my state machine. I already know it's hierarchical since some states share the same action. I determine what I need to do by these parameters: Class (Values are: Base, Derived, Specific) OpCode Parameter 1 - optional Parameter 2 - optional My hierarchy is determined by the Class and the OpC...

Which State Machine execution frameworks for C++ implement UML semantics?

I'm looking for a framework that provides execution of hierarchical state machines (HSMs). These are the requirements for the framework: Conforms to UML state machine semantics (as much as possible) Supports at least run-to-completion semantics hierarchical states entry and exit actions transition actions guards events with custom pa...